MifareClassicTool (MCT) is a Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags. It provides several features to interact with (and only with) MIFARE Classic RFID tags. It is designed for users who have at least basic familiarity with the MIFARE Classic technology. You also need an understanding of the hexadecimal number system, because all data input and output is in hexadecimal. A list of features can be taken from the readme. This app was initially developed as part of my internship semester at SySS GmbH. Read more

The c’t-Bot is a simple robot of the German IT journal c’t published by Heise. As part of a university lecture we should program it to do simple tasks (e.g. follow a light source). Furthermore, we should implement something we want the robot to do. This is were some fellow students and I implemented a remote control system. The code on the bot is written in C and the code on the controlling computer is written in Python. The connection is done via Wifi. The remote control systems allows to control the robot, execute programs on it and to send and run precompiled code in our own programming language called “Fun”. Read more

As part of my studies, some fellow students and I held a lecture about GSM security. The purpose was to give other students a theoretical and practical background. We put together a script, a handout and some exercises. To make this as palatial as possible we used some Motorola C123 phones running OsmocomBB software. Read more

This is a paper about the basic security concepts of the smart phone operating systems Android and iOS. It was part of my university studies (fourth semester). Please note: The information in the paper are very outdated. Much has changed since then. You will find better and more recent information on the internet. This paper is just here for “completeness”. Read more

This is a paper about basic RFID security issues but with focus on the MIFARE Classic technology. It was part of my university studies (fourth semester). As part of this research, I had a closer look at the MIFARE Classic-based system of my university. Because of the multiple use cases (payment, access control, amount of free copies at the printers, etc.) there are plenty of attack vectors. Furthermore, I build an RFID zapper. This device can destroy RFID chips without leaving a trace (visible from the outside). Read more

JAMM is an implementation of the code-baking game Mastermind. It is written in Java and ships with a simple GUI. There are up to 15 colors and 8 columns, the possibility to save and load games, key bindings to play it with keyboard only and a guess generator if you find yourself clueless. However, the most special part is the artificial intelligence which can solve your code. It is based on the paper “Efficient solutions for Mastermind using genetic algorithms” by Lotte Berghman, Dries Goossens and Roel Leus. The approach of using evolutionary algorithms makes it possible to crack complex codes (15 colors, 8 columns) within few minutes and approximately 10 ties. Read more

This is a paper about basic and common security issues with wireless LANs. It was part of my university studies (first semester). After cracking the WiFi security, basic attack vectors like ARP spoofing and SSL/TLS man-in-the-middle have been taken into account as well. The last part is about my practical experience with wardriving. Read more

ABYSS is a small 2D space game written in C#. It is build using the Irrlicht 3D engine. Maps can be specified using a XML file. The controls are challenging to master and there even is a small power-up system. Read more